ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 266
Attempt to check if IIS server has the .HTR ISAPI filter mapped
Threat Level: Warning
Industry ID: CVE-2002-0071 CVE-2000-1230 Bugtraq: 4474,2274 Nessus: 10932,10943
Signature Description: Microsoft Internet Information Server (IIS) is a popular web server package for Windows-based
platforms. A buffer overflow in the ‘ism.dll’ ISAPI extension that implements HTR scripting in IIS 4.0 and
5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Signature ID: 268
JRun directory traversal vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1544 Bugtraq: 3666 Nessus: 10997
Signature Description: JRun is an application server from Macromedia that is based on Sun Microsystems' Java 2
Platform, Enterprise Edition (J2EE). JRun consists of JavaServer Pages (JSP), Java servlets, Enterprise JavaBeans, the
Java Transaction Service (JTS), and the Java Messaging Service (JMS). JRun works with the most popular Web servers,
including Apache, Microsoft's Internet Information Server (IIS), and any other Web server that supports the Internet Server
Application Program Interface (ISAPI). Macromedia JRun 2.3.3, Macromedia JRun 3.0 and Macromedia JRun 3.1 are
vulnerable to directory traversal. Successful exploitation of this vulnerability allows an attacker to access sensitive
information on the vulnerable system.
Signature ID: 269
IIS 5.0 Sample Application physical path disclosure vulnerability
Threat Level: Warning
Nessus: 10573
Signature Description: Microsoft Internet Information Server (IIS) is a popular web server package for Windows-based
platforms. A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use
this information to make more focused attacks.
Signature ID: 270
IIS 5.0 Sample App vulnerable to cross-site scripting attack
Threat Level: Warning
Nessus: 10572
Signature Description: Microsoft Internet Information Server (IIS) is a popular web server package for Windows-based
platforms. The sample script ‘/iissamples/sdk/asp/interaction/Form_JScript.asp’ takes user input into a
form field. On submission, it displays a page with the text that the user entered. This script does not perform any input
validation. Hence, malicious users can use this script to carry out a cross-site scripting attack.
Signature ID: 271
GroupWise Web Interface 'HTMLVER' vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0341 Bugtraq: 4206 Nessus: 10873
Signature Description: GroupWise is a cross-platform collaborative software product from Novell, Inc. offering e-mail,
calendaring, instant messaging and document management. GroupWise includes a web access component for use
through a web browser. In Novell GroupWise Web Access 5.5, GWWEB.EXE allows remote attackers to determine the
physical path of the web server root directory using an HTTP request with an invalid HTMLVER parameter. An attacker
can use this information to make more focused attacks.